dave/coolify
1
0
Fork 0
Code Issues Pull Requests Actions 2 Packages Projects Releases Wiki Activity

feat(ssl): improve Redis and remove modes

Browse Source
This commit is contained in:
peaklabs-dev
2025-02-10 19:23:39 +01:00
parent 792b1b889f
commit 4547647e98
3 changed files with 12 additions and 43 deletions
Download Patch File Download Diff File Expand all files Collapse all files

45
app/Actions/Database/StartRedis.php
View File

@@ -98,22 +98,11 @@ class StartRedis
], ],
'labels' => defaultDatabaseLabels($this->database)->toArray(), 'labels' => defaultDatabaseLabels($this->database)->toArray(),
'healthcheck' => [ 'healthcheck' => [
'test' => $this->database->enable_ssl 'test' => [
? [ 'CMD-SHELL',
'CMD-SHELL', 'redis-cli',
'redis-cli', 'ping',
'--tls', ],
'--cacert /etc/redis/certs/coolify-ca.crt',
'--cert /etc/redis/certs/server.crt',
'--key /etc/redis/certs/server.key',
'-p 6380',
'ping',
]
: [
'CMD-SHELL',
'redis-cli',
'ping',
],
'interval' => '5s', 'interval' => '5s',
'timeout' => '5s', 'timeout' => '5s',
'retries' => 10, 'retries' => 10,
@@ -294,23 +283,13 @@ class StartRedis
} }
if ($this->database->enable_ssl) { if ($this->database->enable_ssl) {
$sslArgs = match ($this->database->ssl_mode) { $sslArgs = [
'require' => [ '--tls-port 6380',
'--tls-port 6380', '--tls-cert-file /etc/redis/certs/server.crt',
'--tls-cert-file /etc/redis/certs/server.crt', '--tls-key-file /etc/redis/certs/server.key',
'--tls-key-file /etc/redis/certs/server.key', '--tls-ca-cert-file /etc/redis/certs/coolify-ca.crt',
'--tls-ca-cert-file /etc/redis/certs/coolify-ca.crt', '--tls-auth-clients optional',
'--tls-auth-clients no', ];
],
'verify-ca' => [
'--tls-port 6380',
'--tls-cert-file /etc/redis/certs/server.crt',
'--tls-key-file /etc/redis/certs/server.key',
'--tls-ca-cert-file /etc/redis/certs/coolify-ca.crt',
'--tls-auth-clients yes',
],
default => []
};
} }
if (! empty($sslArgs)) { if (! empty($sslArgs)) {

3
app/Livewire/Project/Database/Redis/General.php
View File

@@ -47,7 +47,6 @@ class General extends Component
'redis_username' => 'required', 'redis_username' => 'required',
'redis_password' => 'required', 'redis_password' => 'required',
'database.enable_ssl' => 'boolean', 'database.enable_ssl' => 'boolean',
'database.ssl_mode' => 'nullable|string|in:require,verify-ca',
]; ];
protected $validationAttributes = [ protected $validationAttributes = [
@@ -62,7 +61,6 @@ class General extends Component
'redis_username' => 'Redis Username', 'redis_username' => 'Redis Username',
'redis_password' => 'Redis Password', 'redis_password' => 'Redis Password',
'database.enable_ssl' => 'Enable SSL', 'database.enable_ssl' => 'Enable SSL',
'database.ssl_mode' => 'SSL Mode',
]; ];
public function mount() public function mount()
@@ -155,7 +153,6 @@ class General extends Component
{ {
try { try {
$this->database->enable_ssl = $this->database->enable_ssl; $this->database->enable_ssl = $this->database->enable_ssl;
$this->database->ssl_mode = $this->database->ssl_mode;
$this->database->save(); $this->database->save();
$this->dispatch('success', 'SSL configuration updated.'); $this->dispatch('success', 'SSL configuration updated.');
} catch (Exception $e) { } catch (Exception $e) {

7
resources/views/livewire/project/database/redis/general.blade.php
View File

@@ -81,13 +81,6 @@
@endif @endif
<div class="flex flex-col gap-2"> <div class="flex flex-col gap-2">
<x-forms.checkbox id="database.enable_ssl" label="Enable SSL" wire:model.live="database.enable_ssl" instantSave="instantSaveSSL" /> <x-forms.checkbox id="database.enable_ssl" label="Enable SSL" wire:model.live="database.enable_ssl" instantSave="instantSaveSSL" />
@if($database->enable_ssl)
<x-forms.select id="database.ssl_mode" label="SSL Mode" wire:model.live="database.ssl_mode" instantSave="instantSaveSSL"
helper="Choose the SSL verification mode for Redis connections">
<option value="require">require</option>
<option value="verify-ca">verify-ca</option>
</x-forms.select>
@endif
</div> </div>
</div> </div>
<div> <div>